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AB An access control processor for a conditional access system in 



which 

***encrypted*** information ***segments*** provided by a 
plurality 

of information service providers are encrypted for transmission 

in 

accordance with different conditional access processes respecti 

vely 

utilizing ***dif ferent*** ***algorithms*** for encrypti 

ng the 

information segments. The processor includes a decryptor in an 
information receiver by decrypting encrypted information segmet 

s 

received by the information receiver by processing the received 
***encrypted*** information ***segments*** with a session 
key used 

for encrypting the information segments in accordance with an a 
lgorithm 

utilized in one of said. . . access processes; and a conditi 

onal 

access controller in the information receiver for selectively e 
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nabling 

the decryptor to decrypt received information *** segments*** 
***encrypted*** in accordance with any of said different cond 

itional 

access processes by providing to the decryptor cryptographic in 
formation 

for defining the. . . utilized in said one of said different 
conditional access processes for use by the decryptor to decryp 

t the 

received information ***segment*** ***encrypted*** in a 

ccordance 

with said algorithm. Algorithm-defining cryptographic informati 



on is 



on 



downloaded from an information stream received by the informati 



receiver. Transmission. 
SUMM In the prior art, ***encrypted*** information ***segments 



St St 



ccess 



respectively provided by a plurality of different conditional a 



information service providers are respectively encrypted for 
transmission in accordance with different conditional access pr 
ocesses, 

which may respectively utilize ***dif f erent*** ***algorit 

hms*** 

for encrypting the information segments; and the differently 
***encrypted*** information ***segments*** are respective 

iy 

decrypted by differently configured information receivers respe 

ctively 

containing access control processors adapted for enabling decry 
ption of 

only ***encrypted*** information ***segments*** 
***encrypted*** in accordance with one of the different condi 

tional 

access processes. An encryption algorithm is a process by which 
a given. 

• • 

SUMM . . . Klein S. Gilhousen, Jerrold A. Heller, Michael V. Hard 
ing and 

Robert D. Blakeney. In such conditional access system, an infor 

mation 

***segment*** is ***encrypted*** for transmission by sera 

mbling 

the information segment with a keystream that is produced by pr 
ocessing 

a secure session key in. . . algorithm. In an information re 
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ceiver of 

such a conditional access system, the encrypted information sig 

nal is 

decrypted by descrambling the ***encrypted*** information 
***segment*** with a keystream that is produced by processing 

the 

secure session key in accordance with the predetermined encrypt 

ion 

algorithm. The. . . is processed to produce the keystream th 

at is 

used to scramble an information segment for a given transmissio 
n of the 

***encrypted*** information ***segment*** . Typically the 

session 

key is processed with another key and/or a data signal to produ 

ce the 

keystream. In the two. 
SUMM The prior art has suggested a conditional access system that wo 
uld 

enable ***encrypted*** information ***segments*** respe 

ctively 

***encrypted*** for transmission in accordance with different 
conditional access processes to be descrambled through use of a 
standard 

information receiver having. . . the different conditional a 

ccess 

information service providers for enabling a common descrambler 

in the 

information receiver to descramble received information ***se 
gments*** 

***encrypted*** in accordance with any of the different condi 

tional 

access processes. In such a system the use of a common descramb 

ler to 

decrypt ***encrypted*** information ***segments*** prov 

ided by 

any of a plurality of different information service providers t 

hat 

respectively ***encrypt*** information ***segments*** f 

or 

transmission in accordance with any of a plurality of different 
conditional access processes respectively utilizing ***differ 

ent*** 

***algorithms*** for encrypting the information segments woul 
d make it 

necessary that each of the detachable conditional access module 

s 

respectively provided by. 
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SUMM The present invention provides an access control processor for 
a 

conditional access system in which ***encrypted*** informat 

ion 

*** segments*** provided by a plurality of information service 
providers are encrypted for transmission in accordance with dif 

f erent 

conditional access processes respectively utilizing ***differ 

ent*** 

***algorithms*** for encrypting the information segments, the 
processor comprising a decryptor in an information receiver for 



decrypting 



•k k "k 



encrypted 



•Jb' *Jr tAt 



information *** segments 



eceived 



by the information receiver by processing the received 



k k k 



k k k 



enc 



rypted*** 

information ***segments*** with a session key used for encr 

ypting 

the information segments in accordance with an algorithm utiliz 
ed in one 

of said. . . access processes; and a conditional access cont 
roller in 

the information receiver for selectively enabling the decryptor 

to 

decrypt received information ***segments*** ***encrypted* 

** in 

accordance with any of said different conditional access proces 

ses by 

providing to the decryptor cryptographic information for defini 

ng the. 

utilized in said one of said different conditional access 
processes for use by the decryptor to decrypt the received info 

rmation 

***segment*** ***encrypted*** in accordance with said alg 

orithm. 

The cryptographic information for defining the encryption algor 
ithm may 

define various bit selection and/or processing. 
SUMM . be contained in a detachable conditional access module 

that 

would be interfaced with the information receiver for enabling 
decryption of ***encrypted*** information ***segments*** 



the 



time . 



provided by such service provider, thereby reducing the cost of 
detachable conditional access modules, which are replaced from 



SUMM 



present invention also provides a conditional access s 
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ystem 

including the above-described access control processor in combi 

nation 

with encryption means for ***encrypting*** information 
***segments*** for transmission in accordance with different 
conditional access processes respectively utilizing ***differ 

ent*** 

***algorithms*** for encrypting the information segments, 
SIMM - In another aspect, the present invention provides an access con 
trol 

processor for a conditional access system in which an ***encr 
ypted*** 

information ***segment*** provided by an information servic 

e 

provider is encrypted for transmission in accordance with a con 
ditional 

access process utilizing an algorithm for encrypting the inform 

ation 

segment, the processor comprising a decryptor in an information 
receiver 

for decrypting ***encr ypted*** information *** segments*** 

received by the information receiver by processing the received 
***encrypted*** information *** segments*** with a session 
key used 

for encrypting the information segments in accordance with an a 
lgorithm 

utilized in said conditional access process; and a conditional 

access 

controller in the information receiver for enabling the decrypt 

or to 

decrypt received information ***segments*** ***encr ypted* 

** in 

accordance with said conditional access process by providing to 

the 

decryptor cryptographic information for defining the algorithm 
utilized 

in said conditional access process for use by the decryptor to 

decrypt 

the received information ***segments*** ***encrypted*** 

in 

accordance with said algorithm, wherein the conditional access 
controller includes means for detecting within an information s 

tream 

received by the information receiver cryptographic information 

for 

defining the algorithm used for ***encrypting*** informatio 

n 
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***segments*** in accordance with said conditional access pro 
cess; and 

means for downloading the detected cryptographic information fr 

om said 

information stream. 
SUMM In a further aspect, the present invention provides an access c 
ontrol 

processor for a conditional access system in which an ***encr 
ypted*** 

information ***segment*** provided by an information servic 

e 

provider is encrypted for transmission in accordance with a giv 

en 

conditional access process, the processor comprising a decrypto 

r in an 

information receiver for decrypting ***encrypted*** informa 

tion 

***segments*** received by the information receiver; and a co 
nditional 

access controller in the information receiver for enabling the 
decryptor 

to decrypt received information ***segments*** ***encrypt 

ed*** 

in accordance with the given conditional access process; wherei 

n the 

conditional access controller includes means for requesting tra 
nsmission 

to the . 

DETD . . . information service provider A for transmission in acc 
ordance 

with a first conditional access processes utilizing a first alg 
orithm A 

for ***encrypting*** information ***segments*** 14a; an 

d a 

second information server 10b encrypts clear information segmen 

ts 14b 

provided by a second information service provider B. 
DETD ... a session key K in accordance with the first algorithm 
A 

utilized in the first conditional access process to provide 
***encrypted*** information ***segments*** 23. The sessio 

n key K 

is included in cryptographic information 24 that is processed b 

y the 

entitlement message generator 20 with entitlement information 2 

5 to 

provide entitlement messages 26. The encoder 22 combines the 
*** encrypted*** information ***segments*** 23 and entitle 
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ment 

messages 2 6 to provide a combined signal 27 for transmission. E 

xamples 

of entitlement information are described in, 
DETD The demultiplexer 33 demultiplexes a received combined signal 3 
8 

containing ***encrypted*** information ***segments*** a 

nd 

entitlement messages and provides the received ***encrypted** 
information ***segments*** 23 to the decryptor 31 and the r 

eceived 

entitlement messages 26 to the conditional access controller 32 

• 

DETD . , . processes the entitlement messages 26 to determine whe 
ther the 

decryptor 31 in the information receiver 12 is authorized to de 

crypt 

***encrypted*** information ***segments*** 23 identified 

by the 

service request signal 40. Upon determining that the decryptor 

31 and 

thereby the information receiver 12. . . 32 provides appropr 

iate 

cryptographic information 42 to the decryptor 31 to thereby ena 

ble the 

decryptor 31 to decrypt the received ***encrypted*** inform 

ation 

***segments*** 23. The cryptographic information 42 includes 

the 

session key K and cryptographic data for defining the algorithm 

A or B 

utilized in the conditional access process used to produce the 
***encrypted*** information ***segments*** 23 identified 

by the 

service request signal 40 . 

DETD The decryptor 31 then decrypts the received *** encrypted*** 
information ***segments*** 23 by processing the received 
***encrypted*** information ***segments*** 23 with the se 

ssion key 

K used for encrypting the information segments in accordance wi 

th the 

algorithm A or B utilized in the conditional access process use 

d to 

produce the ***encrypted*** information ***segments*** 

23, to 

thereby reproduce the clear information segments 14, which are 
provided 
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to the information processor 35. 
DETD The decryptor 51 receives a combined signal 58 containing 

***encrypted*** information ***segments*** and entitlemen 

t 

messages . 

DETD . . . decryptor 51 is enabled for decryption, the combined s 
ignal 59 

provided from the decryptor 51 to the demultiplexer 53 includes 
***encrypted*** information ***segments*** 

DETD . . . processes the entitlement messages 60 to determine whe 

ther the 

decryptor 51 in the information receiver 49 is authorized to de 

crypt 

***encrypted*** information ***segments*** identified by 

the 

service request signal 62. Upon determining that the decryptor 

51 and 

thereby the information receiver 49 is. . . 52 provides appr 

opriate 

cryptographic information 64 to the decryptor 51 to thereby ena 

ble the 

decryptor 51 to decrypt the received ***encrypted*** inform 

ation 

***segments*** included in the received combined signal 58. T 

cryptographic information 64 includes the session key K and 
cryptographic data for defining the algorithm A or B utilized i 

conditional access process used to produce the ***encrypted** 



he 



n the 



information ***segments*** identified by the service reques 
t signal 

62. Since the combined signals 27a provided by the information 

server 

10a of information service provider A may incorporate the 
***encrypted*** information ***segments*** into the combi 

ned 

signal 27a in a different format than the format used for such 

purpose 

by the information server. . . 51 by the conditional access 
controller 52 further includes format data that enables the dec 
ryptor 51 

to decrypt only the ***encrypted*** information ***segmen 

ts*** 

included in the combined signal 58. 
DETD . . . decryption, the combined signal 59 provided from the d 
ecryptor 

51 to the demultiplexer 53 includes clear information segments 
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rather 

than ***encrypted*** information ***segments*** 
DETD The decryptor 51 decrypts the received ***encrypted*** info 
rmation 

***segments*** in the combined signal 58 by processing the re 

ceived 

***encrypted*** information ***segments*** with the sessi 
on key K 

used for encrypting the information segments in accordance with 

the 

algorithm A or B utilized in the conditional access process use 

d to 

produce the ***encrypted*** information ***segments*** , 

to 

thereby reproduce the clear information segments 14, which are 
provided 

by the multiplexer 53 to the information processor 55. 
DETD ... 82 stored in the memory 74 to determine whether the de 
cryptor 

31 in the information receiver is authorized to decrypt 
***encrypted*** information ***segments*** identified by 

the 

service request signal 40. Upon determining that the decryptor 

31 and 

thereby the information receiver is so. 
DETD ... to thereby provide to the decryptor 31 the cryptograph 
ic 

information 42 that enables the decryptor 31 to decrypt the rec 

eived 

***encrypted*** information ***segments*** 23 identified 

by the 

service request signal 40. As indicated above, the cryptographi 

c 

information 42 includes the session key K. . . and cryptogra 

phic 

information for defining the algorithm A or B utilized in the 
conditional access process used to produce the ***encrypted** 

information ***segments*** identified by the service reques 
t signal 

40. 

DETD . . . identified in the service request signal 40. In one em 
bodiment, 

the memory 74 stores the cryptographic information for defining 

the 

***dif f erent*** ***algorithms*** A and B respectively use 

d in the 

different conditional access processes. In another embodiment t 
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he 

cryptographic information for defining each. . . 75 respecti 

vely 

provided by the different conditional access information servic 

e 

providers and respectively storing the cryptographic informatio 

n for 

defining the ***dif f erent*** ***algorithms*** A, B util 

ized for 

decrypting the received ***encrypted*** information ***se 
gments*** 

23 in accordance with the different conditional access processe 

s A and 

B. 

DETD of the service providers; and selects for decryption i 

n 

accordance with a predetermined priority based upon such status 
determinations the ***encrypted*** information ***segment 

•k ~k 

provided by one of the service providers. Examples of different 
statuses 

include, in order of priority: "blacked-out", "locked-out " , 

"authorized" , "available . 
DETD ... in the information receiver to determine that the deer 
yptor 31 

in the information receiver is authorized to decrypt the select 

ed 

***encrypted*** information ***segment*** . If the cryptog 

raphic 

information generator 72 is of the type described in the aforem 
entioned 

U.S. Pat. No. 4,712,238, at least. 
DETD ... algorithm that is used in the conditional access proce 
ss 

utilized by the information server 10a, 10b that encrypts the s 

elected 

***encrypted*** information ***segment*** and cryptograph 

ic data 

for use in generating a session key for use by the decryptor 32 

for 

decrypting information ***segments*** ***encrypted*** i 

n 

accordance with the given conditional access process, including 
data for 

defining an algorithm for generating the session key and. 

DETD . . . receiver 12, 49 includes all of the possible status me 
ssages 94 
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in addition to the entitlement messages 26 and the ***encrypt 

ed*** 

information ***segments*** 23, In this embodiment, the cond 

itional 

access controller 32, 52 includes a control processor 95, an 

authorization processor 96, a. 
DETD ... to thereby provide to the decryptor 31 the cryptograph 
ic 

information 42 that enables the decryptor 31 to decrypt the rec 

eived 

***encrypted*** information ***segments*** 23 identified 

by the 

service request signal 40 . 
DETD ... by the information provider. Hence each conditional ac 
cess 

service provider can customize its own conditional access algor 

ithms, 

including the information ***segment*** ***encryption*** 

algorithm. Accordingly the required integrated circuit sets in 
a present 

day proprietary network interface module are replaced by the ac 

cess. 

. 

CLM What is claimed is : 

by a plurality of information service providers are encrypte 

d for 

transmission in accordance with different conditional access pr 

ocesses 

respectively utilizing ***dif f erent*** ***algor ithms*** 

for 

encrypting the information segments, the processor comprising a 
decryptor in an information receiver for decrypting ***encryp 

ted*** 

information ***segments*** received by the information rece 

iver by 

processing the received ***encrypted*** information ***se 
gments*** 

with a session key used for encrypting the information segments 



m 



cess 



on 



ived 



e with 



accordance with an algorithm utilized in one of said. . . ac 
processes; and a conditional access controller in the in format i 
receiver for selectively enabling the decryptor to decrypt rece 
information ***segments*** ***encrypted*** in accordanc 
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any of said different conditional access processes by providing 

to the 

decryptor cryptographic information for defining the. . . ut 
ilized in 

said one of said different conditional access processes for use 

by the 

decryptor to decrypt the received information ***segment*** 
***encrypted*** in accordance with said algorithm. 

means for detecting within an information stream received by 

the 

information receiver cryptographic information for defining the 
algorithm used for ***encrypting*** information ***segmen 

ts*** 

in accordance with said one of said different conditional acces 

s 

■ processes; and means for downloading the detected cryptographic 
information from. 

claim 1, wherein the conditional access controller includes 

a memory 

in the information receiver storing cryptographic information f 

or 

defining said ***dif f erent*** ***algorithms*** respecti 

vely 

utilized in said different conditional access processes. 

service providers; and means for selecting for decryption in 
accordance with a predetermined priority based upon said status 
determinations the ***encrypted*** information ***segment 

■Jt - "Jlr 

provided by one of said service providers. 

algorithm provided by the conditional access controller to t 

he 

decryptor is provided in accordance with said selection of the 
selected 

***encrypted*** information *** segment*** provided by sai 

d one 

service provider. 

combination with a demultiplexer in the information receiver 

, wherein 

the demultiplexer is adapted for demultiplexing a received comb 

ined 

signal containing ***encrypted*** information ***segments 
* * * and 

entitlement messages; wherein the decryptor is coupled to the 
demultiplexer for receiving the demultiplexed ***encrypted*** 
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information ***segments*** for said decryption, and wherein 

the 

conditional access controller is coupled to the demultiplexer f 

or 

receiving the demultiplexed entitlement messages. 

according to claim 1 in combination with a demultiplexer in 

the 

information receiver, wherein the decryptor is adapted for deer 

ypting 

***encrypted*** information ***segments*** in a received 
combined 

signal containing ***encrypted*** information ***segments 
*** and 

entitlement messages, wherein the demultiplexer is coupled to t 

he 

decryptor for demultiplexing the combined signal following said 
decryption of the ***encrypted*** information ***segments 
*** by 

the decryptor; and wherein the conditional access controller is 
coupled 

to the demultiplexer for receiving the demultiplexed entitlemen 

t 

messages . 

encrypted information is provided by a plurality of informat 

ion 

service providers in accordance with different conditional acce 

ss 

processes respectively utilizing ***dif f erent*** ***algor 
ithms*** 

for encrypting the information, comprising encryption means for 
***encrypting*** information ***segments*** for transmiss 

ion in 

accordance with different conditional access processes respecti 

vely 

utilizing ***dif f erent*** ***algor ithms*** for encrypt i 

ng the 

information segments; a decryptor in an information receiver fo 

r 

decrypting ***encrypted*** information *** segments*** r 

eceived 

by the information receiver by processing the received ***enc 
rypted*** 

information ***segments*** with a session key used for encr 

ypting 

the information segments in accordance with an algorithm utiliz 
ed in one 

of said. . . access processes; and a conditional access cont 
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roller in 

the information receiver for selectively enabling the decryptor 

to 

decrypt received information *** segments*** ***encrypted* 

** in 

accordance with any of said different conditional access proces 

ses by 

providing to the decryptor cryptographic information for defini 

ng the . 

utilized in said one of said different conditional access 
processes for use by the decryptor to decrypt the received info 

rmation 

***segment*** ***encrypted*** in accordance with said alg 

orithm. 

other cryptographic information includes data for use in gen 

erating a 

session key for use by the decryptor for decrypting information 
***segments*** ***encrypted*** in accordance with the alg 

orithm 

utilized in said one of said different conditional access proce 
sses; and 

the conditional access controller. 

medium for use in an access control processor included in an 

information receiver of a conditional access system in which 

***encrypted*** information ***segments*** provided by a 
plurality 

of information service providers are encrypted for transmission 

in 

accordance with different conditional access processes respecti 

vely 

utilizing ***dif f erent*** ***algorithms*** for encrypti 

ng the 

information segments, and including a decryptor for decrypting 
***encrypted*** information ***segments*** received by th 

e 

information receiver by processing the received ***encrypted* 
information ***segments*** with a session key used for encr 

ypting 

the information segments in accordance with an algorithm utiliz 
ed in one 

of said, • . medium is configured so as the cause the condit 

ional 

access controller to selectively enable the decryptor to decryp 

t 

received information ***segments*** ***encrypted*** in 

accordance with any of said different conditional access proces 
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ses, by 

providing to the decryptor cryptographic information for defini 

ng the . 

utilized in said one of said different conditional access 
processes for use by the decryptor to decrypt the received info 

rmation 

*** segment*** ***encrypted*** in accordance with said alg 

orithm. 

controller to detect within an information stream received b 

y the 

information receiver cryptographic information for defining the 
algorithm used for ***encrypting*** information ***segmen 

ts*** 

in accordance with said one of said different conditional acces 

s 

processes and to download the detected cryptographic informatio 

n from 

said. 

encrypted information is provided by a plurality of informat 

ion 

service providers in accordance with different conditional acce 

ss 

processes respectively utilizing ***dif f erent*** ***algor 
ithms*** 

for encrypting the information, comprising the steps of: (a) 
***encrypting*** information ***segments*** for transmiss 

ion in 

accordance with different conditional access processes respecti 

vely 

utilizing ***diff erent*** ***algorithms*** . for encrypti 

ng the 

information segments; (b) using a decryptor in an information r 

eceiver 

to decrypt ***encrypted*** information ***segments*** r 

eceived 

by the information receiver by processing the received ***enc 
rypted*** 

information ***segments*** with a session key used for encr 

ypting 

the information segments in accordance with an algorithm utiliz 
ed in one 

of said conditional access processes; and (c) in the informatio 

n 

receiver, selectively enabling the decryptor to decrypt receive 

d 

information ***segments*** ***encrypted*** in accordanc 

e with 
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any of said different conditional access processes by providing 

to the 

decryptor cryptographic information for defining the. . . ut 
ilized in 

said one of said different conditional access processes for use 

by the 

decryptor to decrypt the received information ***segment*** 
***encrypted*** in accordance with said algorithm. 

of: (d) detecting within an information stream received by t 

he 

information receiver cryptographic information for defining the 
algorithm used for ***encrypting*** information ***segmen 

ts*** 

in accordance with said one of said different conditional acces 

s 

processes; and (e) downloading the detected cryptographic infor 

mation 

from said. 

step of: (d) providing the cryptographic information from a 

memory in 

the information receiver storing cryptographic information for 
defining 

said ***dif f erent*** ***algorithms*** respectively util 

ized in 

said different conditional access processes. 

the service providers, and (e) selecting for decryption in a 

ccordance 

with a predetermined priority based upon said status determinat 
ions the 

***encrypted*** information ***segment*** provided by one 
of said 

service providers. 

of: (f) providing the cryptographic information for defining 

the 

algorithm to the decryptor in accordance with said selection of 

the 

***encrypted*** information ***segment*** provided by sai 

d one 

service provider. 

the cryptographic information includes data for use in gener 

ating a 

session key for use by the decryptor for decrypting information 
***segments*** ***encrypted*** in accordance with said on 

e 
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72 S ONE TIME PAD 
1 S LI (P) (CHANGING OR DYNAMIC) 



=> d kwic 



L2 ANSWER 1 OF 1 US PAT FULL 

SUMM Other modern encryption systems have attempted to simulate the 
key 

generation process of a *** one *** ***time*** ***pad** 

* by 

using pseudo-random generators which creates a long series of k 

eys 

having the statistical property of randomness. Patents on such. 

• • 

keys and using them to decrypt the transmitted ciphertext. Thus 

the 

system can change keys as often as desired, even ***changing* 
** the 

key for every block to be encrypted. The use of pseudo-random g 
enerators 

has greatly enhanced the strength of many systems, but it does 

not 

perfectly create a *** one *** ***time*** ***pad*** 



=> d pn 



L2 ANSWER 1 OF 1 US PAT FULL 
PI US 5003596 19910326 



:1 



L5 ANSWER 1 OF 3 US PAT FULL 
CLM What is claimed is: 

method according to claim 17, wherein the step of generating 

two or 

more round keys further includes the steps of: ***dividing*** 

the 

original ***k e y*** into a first key and a second key of equ 

al 

length; processing the first key using a ***hash*** functio 

n to 

obtain a first set of intermediate keys; and processing the sec 

ond key 
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using a ***hash*** function to obtain a second set of inter 

mediate 

keys . 

37. The system according to claim 36, wherein the key processor 
further 

comprises: a ***] ce y*** separator for ***dividing*** the 
original 

***key*** into a first key and a second key of equal length; 

a first 

***hashing*** processor for processing the first key using a 
***hash*** function to obtain a first set of two or more inte 
rmediate 

keys; and a second ***hashing*** processor for processing t 
he second 

key using a ***hash*** function to obtain a second set of t 

wo or 

more intermediate keys . 

NCL NCLM: ***380/029 . 000*** 
NCLS: *** 380/037. 000*** 

:2 
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CLM What is claimed is: 

monotonic, single valued function having a value for its ind 

ependent 

variable which is a product of an integer times a ***hashed** 

* value 

characteristic of said selected publisher; said key value capab 

le of 

being read by a book validation program to enable. . . syste 

m, said 

key value by determining an inverse value for a customized inve 

rse 

monotonic, single valued function expression using said ***ke 

value, ***dividing*** said inverse value by said ***hashe 

value to obtain a quotient value and determining if said quotie 
nt value 

is an integer. 

monotonic, single valued function having a value for its ind 

ependent 

variable which is a product of an integer times a ***hashed** 

* value 
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characteristic of said selected publisher; said key value capab 

le of 

being read by a book validation means to enable. * . validat 
ing said 

key value by determining an inverse value for a customized inve 

rse 

monotonic, single valued function expression using said ***ke 

value, ***dividing*** said inverse value by said ***hashe 

value to obtain a quotient value and determining if said quotie 
nt value 

is an integer. 

NCL NCLM: 705/051 . 000 

NCLS: ***380/028.000*** ; ***380/277 . 000*** ; 704/001.00 

0; 

707/500.000; ***713/168 . 000*** 

:3 
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DETD ... is to use a means similar to Cipher Block Chaining (CB 
C) mode, 

as defined for the DEA. In this case, ***k e y*** record is 
***divided*** into blocks whose length is such that each bloc 
k can be 

encrypted with the asymmetric key algorithm. After each step, 
step 522 control vector and key record are concatenated to form 

an 

intermediate value called HA- IN. At step 523, a ***hash*** 

value 

***HASH2*** is calculated on HA- IN using ***hash*** algor 
ithm ha2 . 

For example, ***hash*** algorithm ha2 may be the MDC-2 algo 
rithm of 

FIG. 5 and ***HASH2*** a 128-bit MDC value. The value *** 
HASH2*** 

is for practical purposes defined to be the key authenticator r 

ecord 

(KAR) . However, the KAR may contain additional data besides 
***HASH2*** . At step 524, KAR is decrypted with private maste 
r key PRO 

to produce dPRO (KAR) . In public key cryptography, the ciphertex 
t . . . 

NCL NCLM: ***380/277 . 000*** 

NCLS: ***380/030.000*** ; ***380/280 . 000*** 
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